CVE-2019-18232

Name of the Vulnerable Software and Affected Versions SafeNet Sentinel LDK License Manager versions prior to 7.101

Description The issue is related to incorrect link resolution before file access, allowing an attacker with local access to create, write, and/or delete files in system folders using symbolic links. This can lead to privilege escalation and potentially allow the execution of a malicious DLL, impacting system integrity and availability.

Recommendations For versions prior to 7.101, update to version 7.101 or later to resolve the issue. As a temporary workaround, consider disabling the service configuration of the SafeNet Sentinel LDK License Manager to minimize the risk of exploitation. Restrict access to system folders and monitor for any suspicious activity related to file creation, modification, or deletion.